GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,583 advisories
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not...
High
Unreviewed
CVE-2013-6770 was published May 17, 2022
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1...
High
Unreviewed
CVE-2014-1691 was published May 17, 2022
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD...
High
Unreviewed
CVE-2014-2132 was published May 17, 2022
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome...
High
Unreviewed
CVE-2013-6652 was published May 17, 2022
The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a...
High
Unreviewed
CVE-2013-7135 was published May 17, 2022
The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm...
High
Unreviewed
CVE-2013-4737 was published May 17, 2022
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial...
High
Unreviewed
CVE-2013-2829 was published May 17, 2022
Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with...
High
Unreviewed
CVE-2014-0355 was published May 17, 2022
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute...
High
Unreviewed
CVE-2014-0770 was published May 17, 2022
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to...
High
Unreviewed
CVE-2013-6661 was published May 17, 2022
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424...
High
Unreviewed
CVE-2013-5014 was published May 17, 2022
Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180...
High
Unreviewed
CVE-2013-1375 was published May 17, 2022
Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary...
High
Unreviewed
CVE-2014-0349 was published May 17, 2022
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28...
High
Unreviewed
CVE-2014-2133 was published May 17, 2022
The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before...
High
Unreviewed
CVE-2014-2714 was published May 17, 2022
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly...
High
Unreviewed
CVE-2014-1209 was published May 17, 2022
Cross-Site Request Forgery in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30969 was published for org.jenkins-ci.plugins:autocomplete-parameter (Maven) May 18, 2022
Cross-site Scripting in Jenkins Multiselect parameter Plugin
High
CVE-2022-30964 was published for io.jenkins.plugins:multiselect-parameter (Maven) May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30961 was published for org.jenkins-ci.plugins:autocomplete-parameter (Maven) May 18, 2022
Cross Site Request Forgery in Jenkins SSH Plugin
High
CVE-2022-30958 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute...
High
Unreviewed
CVE-2014-2847 was published May 17, 2022
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602...
High
Unreviewed
CVE-2013-0650 was published May 17, 2022
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 ...
High
Unreviewed
CVE-2013-7350 was published May 17, 2022
The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2013-3588 was published May 17, 2022
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain...
High
Unreviewed
CVE-2013-6769 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.